/**
* SPDX-FileCopyrightText: 2018-2023 SAP SE or an SAP affiliate company and Cloud Security Client Java contributors
* <p>
* SPDX-License-Identifier: Apache-2.0
*/
package com.sap.cloud.security.spring.token.authentication;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolderStrategy;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.util.Assert;
import com.sap.cloud.security.token.Token;
/**
* This is an alternative to {@code ThreadLocalSecurityContextHolderStrategy} which keeps the
* {@code com.sap.cloud.security.token.SecurityContext} in sync.
*
* It's included in Spring Autoconfiguration
* {@link com.sap.cloud.security.spring.autoconfig.SecurityContextEnvironmentPostProcessor}
* <br>
*
* In cases when Spring Autoconfiguration is not used it can be enabled by setting the system environment variable
* {@code spring.security.strategy} to
* {@code com.sap.cloud.security.spring.token.authentication.JavaSecurityContextHolderStrategy}
* <br>
* or via <br>
*
* <pre>
* {@code
* @Bean
* public MethodInvokingFactoryBean setJavaSecurityContextHolderStrategy() {
* MethodInvokingFactoryBean methodInvokingFactoryBean = new MethodInvokingFactoryBean();
* methodInvokingFactoryBean.setTargetClass(SecurityContextHolder.class);
* methodInvokingFactoryBean.setTargetMethod("setStrategyName");
* methodInvokingFactoryBean
* .setArguments("com.sap.cloud.security.spring.token.authentication.JavaSecurityContextHolderStrategy");
* return methodInvokingFactoryBean;
* }
* }
* </pre>
*
* or via <br>
* {@code
* SecurityContextHolder.setStrategyName("com.sap.cloud.security.spring.token.authentication.JavaSecurityContextHolderStrategy")}
*/
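public class JavaSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
    /** Spring {@link SecurityContext} bound to the current thread. */
    private static final ThreadLocal<SecurityContext> contextHolder = new ThreadLocal<>();

    /**
     * Removes the Spring context from the current thread and clears the SAP
     * {@code com.sap.cloud.security.token.SecurityContext} in the same call, so neither
     * side keeps an identity after the other has been reset.
     */
    @Override
    public void clearContext() {
        contextHolder.remove();
        com.sap.cloud.security.token.SecurityContext.clear();
    }

    /**
     * Returns the Spring context of the current thread, creating and storing an empty one
     * on first access.
     *
     * <p>This method does not touch the SAP security context. Synchronisation happens only
     * in {@link #setContext(SecurityContext)}, so an authentication assigned directly on
     * the returned object is not propagated.
     *
     * @return the context held for the current thread, never {@code null}
     */
    @Override
    public SecurityContext getContext() {
        SecurityContext context = contextHolder.get();
        if (context == null) {
            context = this.createEmptyContext();
            contextHolder.set(context);
        }
        return context;
    }

    /**
     * Stores the given Spring context for the current thread and mirrors its principal
     * into the SAP security context.
     *
     * <p>If the principal is a {@link Token}, it becomes the SAP context's token. In every
     * other case (no authentication, or a principal of another type) the SAP token is
     * cleared. Without that, a token set by an earlier call on the same thread would stay
     * readable through the SAP API while Spring already reports a different or anonymous
     * identity.
     *
     * @param context the context to store; must not be {@code null}
     * @throws IllegalArgumentException if {@code context} is {@code null}
     */
    @Override
    public void setContext(SecurityContext context) {
        Assert.notNull(context, "Only non-null SecurityContext instances are permitted");
        contextHolder.set(context);
        Authentication authentication = context.getAuthentication();
        Object principal = authentication != null ? authentication.getPrincipal() : null;
        if (principal instanceof Token) {
            com.sap.cloud.security.token.SecurityContext.setToken((Token) principal);
        } else {
            // NOTE(review): assumes the SAP context is per-thread state like contextHolder;
            // confirm. Only the token is dropped here; clearContext() resets the rest.
            com.sap.cloud.security.token.SecurityContext.clearToken();
        }
    }

    /**
     * Creates a new, unauthenticated Spring context.
     *
     * @return a fresh {@link SecurityContextImpl}
     */
    @Override
    public SecurityContext createEmptyContext() {
        return new SecurityContextImpl();
    }
}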